From fiscal years 2006 through 2010, the Department of Homeland Security (DHS) has awarded nearly $1.7 billion dollars to port areas through its Port Security Grant Program (PSGP) to protect critical maritime infrastructure and the public from terrorist attacks. The Federal Emergency Management Agency (FEMA)--a DHS component agency--is the agency responsible for distributing grant funds. GAO was asked to evaluate the extent to which DHS has (1) allocated PSGP funds in accordance with risk; (2) encountered challenges in administering the grant program and what actions, if any, DHS has taken to overcome these challenges; and (3) evaluated the effectiveness of the PSGP. To address these objectives, GAO reviewed the PSGP risk model, funding allocation methodology, grant distribution data, and program documents, such as PSGP guidance. Additionally, GAO interviewed DHS and port officials about grant processes, funding distribution, and program challenges, among other things.

In 2010 and 2011, PSGP allocations were based largely on port risk and determined through a combination of a risk analysis model and DHS implementation decisions. DHS uses a risk analysis model to allocate PSGP funding to port areas that includes all three elements of risk--threat, vulnerability, and consequence--and DHS made modifications to enhance the model's vulnerability element for fiscal year 2011. For example, DHS modified the vulnerability equation to recognize that different ports can have different vulnerability levels. However, the vulnerability equation is not responsive to changes in port security--such as the implementation of PSGP-funded security projects. Additionally, the vulnerability equation does not utilize the most precise data available in all cases. DHS addressed prior GAO recommendations for strengthening the vulnerability element of grant risk models, but the PSGP model's vulnerability measure could be further strengthened by incorporating the results of past security investments and by refining other data inputs. FEMA has faced several challenges in distributing PSGP grant funds, and FEMA has implemented specific steps to overcome these challenges. Only about one-quarter of awarded grant funding has been drawn down by grantees, and an additional one-quarter remains unavailable (see table below). Funding is unavailable--meaning that grantees cannot begin using the funds to work on projects--for two main reasons: federal requirements have not been met (such as environmental reviews), or the port area has not yet identified projects to fund with the grant monies. Several challenges contributed to funds being unavailable. For example, DHS was slow to review cost-share waiver requests--requests from grantees to forego the cost-share requirement. Without a more expedited waiver review process, grant applicants that cannot afford the cost-share may not apply for important security projects. Other challenges included managing multiple open grant rounds, complying with program requirements, and using an antiquated grants management system. FEMA has taken steps to address these challenges. For example FEMA and DHS have, among other things, increased staffing levels, introduced project submission time frames, implemented new procedures for environmental reviews, and implemented phase one of a new grants management system. However, it is too soon to determine how successful these efforts will be in improving the distribution of grant funds. FEMA is developing performance measures to assess its administration of the PSGP but it has not implemented measures to assess PSGP grant effectiveness. Although FEMA has taken initial steps to develop measures to assess the effectiveness of its grant programs, it does not have a plan and related milestones for implementing measures specifically for the PSGP. Without such a plan, it may be difficult for FEMA to effectively manage the process of implementing measures to assess whether the PSGP is achieving its stated purpose of strengthening critical maritime infrastructure against risks associated with potential terrorist attacks. GAO recommends that DHS strengthen its methodology for measuring vulnerability in ports by accounting for how past security investments reduce vulnerability and by using the most precise data available. GAO also recommends that DHS evaluate the cost-share waiver review process and take steps to expedite the process where appropriate and develop a plan with milestones for implementing performance measures for the PSGP. DHS concurred with GAO's recommendations.

Status Legend:

Review Pending-GAO has not yet assessed implementation status.

Open-Actions to satisfy the intent of the recommendation have not been taken or are being planned, or actions that partially satisfy the intent of the recommendation have been taken.

Closed-implemented-Actions that satisfy the intent of the recommendation have been taken.

Closed-not implemented-While the intent of the recommendation has not been satisfied, time or circumstances have rendered the recommendation invalid.

• Review Pending
• Open
• Closed - implemented
• Closed - not implemented

Recommendations for Executive Action

Recommendation: To help strengthen the implementation and oversight of the PSGP, and to ensure that waiver requests--including those submitted under previous cost-share years in which money remains unassigned and those that may be submitted in future grant rounds if a cost-share requirement is applied--are evaluated promptly, the FEMA Administrator---in conjunction with the Office of the Secretary of Homeland Security should evaluate the waiver review process to identify sources of delay and take measures to expedite the process.

Agency Affected: Department of Homeland Security: Directorate of Emergency Preparedness and Response: Federal Emergency Management Agency

Status: Review Pending

Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Recommendation: To help strengthen the implementation and oversight of the PSGP, to strengthen DHS's methodology for measuring vulnerability in ports, and to improve the precision of grant allocations to high-risk port areas, the Secretary of Homeland Security should direct the FEMA Administrator to coordinate with the Coast Guard to determine the most precise data available to populate the data elements within the vulnerability index and to utilize these data as an interim measure, until a revised vulnerability index is developed.

Agency Affected: Department of Homeland Security

Status: Review Pending

Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Recommendation: To help strengthen the implementation and oversight of the PSGP, to strengthen DHS's methodology for measuring vulnerability in ports, and to improve the precision of grant allocations to high-risk port areas, the Secretary of Homeland Security should direct the FEMA Administrator to develop a vulnerability index that accounts for how security improvements affect port vulnerability, and incorporate these changes into future iterations of the PSGP risk model.

Agency Affected: Department of Homeland Security

Status: Review Pending

Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Recommendation: To help strengthen the implementation and oversight of the PSGP, and to strengthen the administration, oversight, and internal controls of the PSGP, and to streamline processes, the Secretary of Homeland Security should direct the FEMA Administrator to develop---in collaboration with the Coast Guard---time frames and related milestones for implementing performance measures to monitor the effectiveness of the PSGP.

Agency Affected: Department of Homeland Security

Status: Review Pending

Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.